Some FAQs Answered About the New Cybersecurity Rule

Story excerpt provided by National DEFENSE

Written by Townsend L. Bourne.

The majority of Defense Department contractors no doubt by now have drafted and populated a system security plan in accordance with Defense Federal Acquisition Regulation Supplement cybersecurity provisions, which require implementation of the security controls in National Institute of Standards and Technology Special Publication 800-171.

The Defense Department clarified last year that the requirement to implement the security controls by the Dec. 31 deadline was satisfied by the creation of a system security plan with plans of action for controls not yet met.